DigitalOcean has announced a security issue with OpenSSH (sshd) that affects some Linux distributions, including Ubuntu, Debian, CentOS, AlmaLinux, and RockyLinux. The vulnerability allows an attacker to gain remote root access on vulnerable systems, but the exploit requires winning a race condition which can take several hours. DigitalOcean is asking its customers to upgrade SSHD on their Droplets and providing instructions for how to update SSHD on Dropets. Some products, such as App Platform, Container Registry, Functions, Load Balancers, Managed Databases, Monitoring, Networking, Spaces, Spaces CDN, Volumes, and VPC are not affected by the vulnerability. DigitalOcean is also taking action to ensure its internal environment is patched. Customers can update OpenSSH using interactive or non-interactive commands depending on their system configuration.